Log in to the OpenSSO server administration console as amadmin.
Click Access Control, the default realm, and then Subjects.
Create a new user. For example: dauser
Create a new group. For example: dagroup
Add the new user to the new group.
Click Privileges and then the link for the new group.
Select the "Read and write access to all realm and policy properties" privilege and click Save.